closes #219 - unhidden switch --technique and adapted code accordingly (renamed conf.technique to conf.tech to fit properly in the -h help message)

2025-12-10 09:49:06 +00:00 · 2011-04-06 14:41:44 +00:00
parent 8b14a9eaa7
commit 05d12790f1
8 changed files with 48 additions and 17 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -96,10 +96,10 @@ def checkSqlInjection(place, parameter, value):

            # Skip test if the user's wants to test only for a specific
            # technique
-            if conf.technique and isinstance(conf.technique, list) and stype not in conf.technique:
+            if conf.tech and isinstance(conf.tech, list) and stype not in conf.tech:
                debugMsg = "skipping test '%s' because the user " % title
                debugMsg += "specified to test only for "
-                debugMsg += "%s" % ",".join(map(lambda x: PAYLOAD.SQLINJECTION[x], conf.technique))
+                debugMsg += "%s" % ",".join(map(lambda x: PAYLOAD.SQLINJECTION[x], conf.tech))
                logger.debug(debugMsg)
                continue

--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -406,14 +406,19 @@ def start():

            if len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None):
                if not conf.realTest:
-                    errMsg = "all parameters are not injectable, try "
-                    errMsg += "a higher --level/--risk to use more tests"
+                    errMsg = "all parameters are not injectable, try to "
+                    errMsg += "increase --level/--risk values to perform "
+                    errMsg += "more tests."
+
+                    if isinstance(conf.tech, list) and len(conf.tech) > 0:
+                        errMsg += " Rerun without providing the --technique switch."

                    if not conf.textOnly and kb.originalPage:
                        percent = (100.0 * len(getFilteredPageContent(kb.originalPage)) / len(kb.originalPage))
-                        errMsg += " and/or --text-only switch if the target page "
-                        errMsg += "has a low percentage of textual content "
-                        errMsg += "(approximately %.2f%% of page content is text)" % percent
+                        errMsg += " Give it a go with the --text-only switch "
+                        errMsg += "if the target page has a low percentage of "
+                        errMsg += "textual content (~%.2f%% of " % percent
+                        errMsg += "page content is text)"

                    raise sqlmapNotVulnerableException, errMsg
                else: